blog.atwork.at

news and infos about microsoft, technology, cloud and more

Nachlese zum GDPR Workshop mit atwork, Microsoft und Grant Thornton

atwork organisierte einen GDPR-Workshop, der diese Woche bei Microsoft in Wien stattgefunden hat. Als kompetenten Partner aus der Wirtschaftsprüfung und Steuerberatung konnten wir Philipp Mattes von Grant Thornton gewinnen, der den ersten Teil präsentierte. Unsere Security Expertin Martina Grom informierte in Teil Zwei über die technischen Möglichkeiten mit den Microsoft Cloud Services. Sehen Sie hier eine Nachlese.

Use Azure AD app principal without user context

For an application registered in AAD to be able to run in application context only without a user context the Company Administrator” role has to be assigned to the application in order to be able to access administrator endpoints for APIs like the Microsoft Graph. No additional permissions have to be assigned to the application after assigning this role.The assignment has to be done using PowerShell and looks like this: (the app registration has to be done beforehand)Install-Module AzureADConnect-AzureAD$app = Get-AzureADServicePrincipal -SearchString "your app name"$role = Get-AzureADDirectoryRole | Where-Object { $_.DisplayName -eq "Company Administrator" }Add-AzureADDirectoryRoleMember -ObjectId $role.ObjectId -RefObjectId $app.ObjectIdNote that you have to replace the string your app name” with the name provided to your app registration. The script intalls (if not already installed) the AzureAD PowerShell module and uses the contained commandlets to get the service principal of the app registration by name, gets the Azure AD Directory Role Company Administrator” and adds this role to the service principal of the app. After the role has been added, the app might, e.g., make queries to the user endpoint of the Microsoft Graph API to get properties from any users in the AAD.

Add your local IP address to a SQL Azure Firewall easily

When working with SQL Azure you are aware that a connection is just established, if the client’s IP address is configured in the firewall of the SQL Azure database server. You needed to open the Azure Portal-SQL servers service, and add your IP address manually. Well, the good story is, now the SQL Server 2016 Management Studio does this for you!

Impressions of Microsoft Tech Summit Johannesburg

This week, we have been at Microsoft Tech Summit Johannesburg, South Africa. The event took place in Sandton Convention Center from 6th to 7th February 2017 and hosted over 50 technical sessions with a range of topics as Microsoft Azure, hybrid platforms, DevOps, app platform, productivity, collaboration and more. Read more here!

Office 365 Sicherheit - Advanced Security Management

Mit Office 365 sind Sie sicher unterwegs. Heute stelle ich Advanced Security Management vor, eine auf Office 365 reduzierte Variante von Cloud App Security. Advanced Security Management in office 365 hilft Ihnen dabei, proaktiv Änderungen in Ihrem office 365 Tenant zu monitoren, zu erkennen und darauf zu reagieren.

Customer Lockbox einfach erklärt

Office 365 bietet eine Reihe an Sicherheitsfunktionen, die einem Unternehmen helfen, die Unternehmenskommunikation sicher zu gestalten. In einer neuen Videoreihe zu Office 365 security auf Channel 9 in den Office 365 News stelle ich dazu einige vor. In 20 Minuten zeige ich dabei die Funktionsweise von Customer Lockbox. Customer Lockbox fügt eine zusätzliche Kontrollmöglichkeit ein.

Management capabilities for Office 365 Groups

By default, in Office 365 all users can create an Office 365 group. As IT Administrator you can restrict that users can create Office 365 groups. If you want to have a more granular control to define which users shall be able to create a group that’s more effort. See here, how this works.